Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.741
Study on Home Network triggered Primary Authentication

3GPP‑Page   fToC   Partial Content
V18.0.1 (Wzip)  2023/03  38 p.
Rapporteur:
Mr. Li, He
HUAWEI TECHNOLOGIES Co. Ltd.

full Table of Contents for  TR 33.741  Word version:  18.0.1

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 7
2References  p. 7
3Definitions of terms, symbols and abbreviations  p. 7
3.1Terms  p. 7
3.2Symbols  p. 7
3.3Abbreviations  p. 7
4Key issues  p. 8
4.1Key Issue #1: Ability of the home network to trigger primary authentication  p. 8
4.1.1Key issue details  p. 8
4.1.2Security threats  p. 8
4.1.3Potential requirements  p. 8
4.2Key Issue #2: Signalling overload due to running the primary authentication for KAF refresh  p. 8
4.2.1Issue details  p. 8
4.2.2Security Threats  p. 9
4.2.3Potential security requirements  p. 9
5Potential solutions  p. 9
5.0Mapping of solutions to key issues  p. 9
5.1Solution #1: HN triggering primary authentication for various scenarios  p. 9
5.1.1Introduction  p. 9
5.1.2Solution details  p. 10
5.1.2.1Procedure for detection of SoR/UPU Counter wraparound in advance and perform re-authentication  p. 10
5.1.2.2Re-authentication due to EPC to 5G mobility  p. 11
5.1.2.3Re-authentication invoked by other AAnF  p. 11
5.1.3Solution Evaluation  p. 12
5.2Solution #2: UDM triggered primary authentication  p. 12
5.2.1Introduction  p. 12
5.2.2Solution details  p. 13
5.2.2.1Procedure  p. 13
5.2.2.2Procedure used for each use case  p. 13
5.2.2.3Service provided by AMF  p. 13
5.2.2.3.1General  p. 13
5.2.2.3.2Namf_HN Authentication service  p. 13
5.2.2.3.2.1Namf_HNAuthentication service operation  p. 13
5.2.2.4Service provided by UDM  p. 14
5.2.2.4.1General  p. 14
5.2.2.4.2Nudm_HN Authentication service  p. 14
5.2.2.4.2.1Nudm_HNAuthentication service operation  p. 14
5.2.3Evaluation  p. 14
5.3Solution #3: Home network triggered authentication solution for LTE to 5G interworking  p. 14
5.3.1Introduction  p. 14
5.3.2Solution details  p. 14
5.3.3Evaluation  p. 15
5.4Solution #4: UDM initiated primary authentication based on a NF request  p. 15
5.4.1Introduction  p. 15
5.4.2Solution details  p. 15
5.4.3Evaluation  p. 16
5.5Solution #5: Using the UDM to start home triggered authentications  p. 16
5.5.1Introduction  p. 16
5.5.2Solution details  p. 16
5.5.3Evaluation  p. 18
5.6Solution #6: UDM initiated primary authentication based on AUSF request  p. 18
5.6.1Introduction  p. 18
5.6.2Solution details  p. 18
5.6.3Evaluation  p. 19
5.7Solution #7: UDM initiated Primary Authentication  p. 19
5.7.1Introduction  p. 19
5.7.2Solution details  p. 20
5.7.3Evaluation  p. 21
5.8Solution #8: Solution to enable UDM in the HN to trigger Primary Authentication  p. 21
5.8.1Introduction  p. 21
5.8.2Solution details  p. 21
5.8.3Evaluation  p. 25
5.9Solution #9: AMF initiated primary authentication based on AUSF request  p. 25
5.9.1Introduction  p. 25
5.9.2Solution details  p. 26
5.9.2.1EPC interworking use case  p. 26
5.9.2.2Namf_UEAuthentication_Authenticate  p. 27
5.9.3.2.1Namf_UEAuthentication_Authenticate service operation  p. 27
5.9.3Evaluation  p. 28
5.10Solution #10: UDM initiated primary authentication based on AAnF request for KAF refresh scenario  p. 28
5.10.1Introduction  p. 28
5.10.2Solution details  p. 29
5.10.3Evaluation  p. 30
5.11Solution #11: Home network triggered primary authentication controlled by the UDM  p. 30
5.11.1Introduction  p. 30
5.11.2Solution details  p. 31
5.11.2.1General  p. 31
5.11.2.2UDM triggered primary authentication during UE Registration  p. 31
5.11.2.3UDM triggered primary authentication after UE Registration  p. 32
5.11.2.4Applicability of the UDM triggered primary authentication procedures to the Use Cases.  p. 34
5.11.2.4.1Interworking use case  p. 34
5.11.2.4.2SoR/UPU wrap around use case  p. 34
5.11.2.4.3Home Network triggered primary authentication for KAF refresh  p. 34
5.11.3Evaluation  p. 34
5.12Solution #12: Delegated Home Network controlled primary authentication  p. 35
5.12.1Introduction  p. 35
5.12.2Solution details  p. 35
5.12.3Evaluation  p. 35
6Conclusions  p. 36
AUse cases  p. 37
A.1Use Case #1: Security of Interworking  p. 37
A.2Use Case #2: SoR/UPU Counter Wrap around  p. 37
A.3Use Case #3: KAKMA refresh  p. 37
$Change history  p. 38

Up   Top